After reading this chapter and completing the exercises, you will be able to do the following:
Understand the rationale for the systems development life cycle (SDLC).
Recognize the stages of software releases.
Appreciate the importance of developing secure code.
Be aware of the most common application development security faults.
Explain cryptographic components.
Develop policies related to systems acquisition, development, and maintenance.
Section 14 of ISO 27002:2013: “Information Systems Acquisition, Development, and Maintenance (ISADM)” focuses on the security requirements of information systems, application, and code from conception to destruction. ...